This article outlines the key security measures implemented by DataReportive to protect your data. It also provides best practices you should follow to ensure secure usage of the platform.

Security Standards at DataReportive

We understand that databases often contain sensitive information, which is why data security and privacy are top priorities at DataReportive. We employ multiple safeguards to ensure that sensitive information—especially credentials and data transfers—are handled securely.

All database connection details, including passwords, are encrypted and stored securely. Each customer’s account data is isolated in a dedicated database. If you'd like to audit your stored information, please contact us.

Payment details, such as credit card information, are managed by Stripe, a trusted and industry-leading payment processor. Our websites are protected by SSL certificates and operate over HTTPS using TLS version 1.2, the latest official TLS protocol (RFC 5246).

Connecting Your Database Securely

While standard ODBC connections are supported, we strongly recommend connecting your database using a Secure Shell (SSH) tunnel. SSH is a robust cryptographic protocol designed to protect data transmission over unsecured networks.

Use Restricted Database Accounts

The database user account used by DataReportive should have only the necessary permissions. We highly recommend assigning this user read-only access and explicitly whitelisting the specific tables it can access. Additionally, restrict connections to only allow access from your internal network or DataReportive’s IP address, particularly if you use a firewall.

Avoid Using Production Databases

We advise against connecting production databases or those used by mission-critical systems to DataReportive. If reporting on this data is required, consider creating read-only replicas in a non-production environment for a safer integration.

Avoid Storing Sensitive Personal Information

If your database contains personal or sensitive information, we recommend excluding such data from your DataReportive connection. If access to this data is absolutely necessary, consider obfuscating or anonymizing the information unless it is critical to your reporting needs.

Managing User Access in DataReportive

DataReportive allows you to configure access controls for users and groups to manage visibility of reports and data. It is your responsibility to ensure that access permissions are correctly set to prevent unauthorized data exposure.